Jeet
Reputation: 5659
NPM - ActiveDirectory Module Authentication
I am using activedirectory module from npmjs in one of my node application to authenticate against Active Directory, My question Is- Is it required to send plain string password while authenticating with AD? I mean if ad stores the user password it must be encrypting it in someway or other, can we send a encrypted password for authentications? Here is what I mean -
ad.authenticate(username, password, function(err, auth) {
// instead of plain password can it be encrypted password?
if (err) {
console.log('ERROR: '+JSON.stringify(err));
return;
}
if (auth) {
console.log('Authenticated!');
}
else {
console.log('Authentication failed!');
}
})
Upvotes: 1
Views: 1447
Answers (1)
Hunter Mitchell
Reputation: 7293
The solution is to use ldaps (Secure LDAP) and provide a CA for verification when you first connect. The credentials being sent over the wire will be encrypted and MITM attacks won't work if you forcing certificate verification.
const ActiveDirectory = require("activedirectory");
const ad = new ActiveDirectory({
url: "ldaps://dc.domain.com",
baseDN: "dc=domain,dc=com",
username: "[email protected]",
password: "password",
tlsOptions: {
ca: [fs.readFileSync("CA.crt")],
rejectUnauthorized: true // Force Certificate Verification
}
});
Upvotes: 2
Related Questions
- Active Directory authentication with NodeJS
- Nodejs ldapjs activedirectory - Password reset without knowing current password
- nodejs web site with active directory permissions
- Window Authentication Using Node JS on Linux
- Check Active Directory without password in Express js
- NodeJS - Authentication with Active Directory
- Authentication for Azure Active Directory using adal for node.js application
- node active directory authenticate and group membership
- Active Directory authentication with ldap.js
- ldap nodejs active directory authentication